Abstract

One of the main limitations of today's verification tools is the size of the memory needed to exhaustively build the state graphs of programs. For numerous properties, however, it is not necessary to build this graph explicitly, and an exhaustive depth-first traversal is often sufficient. To avoid retraversing states, some already visited states must then be stored in memory. Since the memory size is bounded, visited states must be randomly replaced. In most cases this depth-first traversal with replacement can push back the limits of verification tools.
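
A minimal sketch of depth-first traversal with random replacement, added here as an illustration and not taken from the paper. The names `bounded_dfs` and `lattice` and the sample graph are constructed, and keeping the states of the current DFS stack outside the replaceable store (so that cycles are always detected and the search terminates) is an assumption of this sketch.

```python
import random

def bounded_dfs(initial, successors, is_bad, capacity, seed=0):
    """Exhaustive DFS remembering at most `capacity` finished states.
    Returns (bad_state_reached, number_of_state_expansions)."""
    rng = random.Random(seed)
    cache, slots = set(), []   # finished states; list allows an O(1) random pick
    on_stack = {initial}       # assumption: stack states are never replaced
    stack = [(initial, iter(successors(initial)))]
    expansions, bad = 1, is_bad(initial)
    while stack:
        state, it = stack[-1]
        nxt = next(it, None)
        if nxt is None:        # all successors explored: state leaves the stack
            stack.pop()
            on_stack.discard(state)
            if capacity > 0:
                if len(slots) >= capacity:   # store full: evict a random victim
                    i = rng.randrange(len(slots))
                    cache.discard(slots[i])
                    slots[i] = state
                else:
                    slots.append(state)
                cache.add(state)
            continue
        if nxt in on_stack or nxt in cache:  # cycle, or state still remembered
            continue
        on_stack.add(nxt)
        stack.append((nxt, iter(successors(nxt))))
        expansions += 1        # a forgotten state is expanded again here
        bad = bad or is_bad(nxt)
    return bad, expansions

N = 6  # constructed sample: N x N lattice plus one back-edge closing a cycle

def lattice(state):
    x, y = state
    out = []
    if x + 1 < N:
        out.append((x + 1, y))
    if y + 1 < N:
        out.append((x, y + 1))
    if (x, y) == (N - 1, N - 1):
        out.append((0, 0))     # back-edge to the root, always caught by on_stack
    return out

if __name__ == "__main__":
    for cap in (64, 8, 0):     # store larger than, smaller than, and absent
        print(cap, bounded_dfs((0, 0), lattice, lambda s: s == (5, 5), cap))
```

The verdict is the same for every store size; only the number of re-expansions changes, which is the memory-for-time trade the abstract describes.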